I'm infected with a trojan...JS LOOP.A!!!!

JawZ · Post by **JawZ** » Sun Mar 03, 2002 12:15 pm

InnoculateIT never picked it up and still doesn't but Trend Micro's free online virus scan did....Housecall.

I can't believe the location either....it was in a program I installed from Evrsoft called 1st Page 2000. It is an WYSIWYG Html Editor. It was located in the buttons folder under the name 6 buttons from Hell.isz

this is the 3rd time that Housecall picked up a virus or Trojan that Norton, McAfee, InnoculateIt or AVG couldn't.

I had a client's PC the other day that was infected with a JS Seeker variant that AVG wasn't picking up either.

So beware of the virus! they are definitely out there but Housecall seems to do the trick.

I wonder if I should contact CA to let them know that InnoculateIt aint detecting it....hell...I'm paying for the program!

I don't even know how I got infected being that InnoculateIt never picked it up when I downloaded the program a few weeks ago. I guess that means that Evrsoft should also be contacted????

Joint Chiefs of Staff · Sun Mar 03, 2002 12:18 pm

got a link for House Call?

nomahe · Post by **nomahe** » Sun Mar 03, 2002 12:23 pm

http://housecall.antivirus.com/

Chris · Post by **Chris** » Sun Mar 03, 2002 12:35 pm

no no no, Trojans are supposed to prevent infection

blebs · Post by **blebs** » Sun Mar 03, 2002 12:40 pm

Anti-virus programs catch some, but not even close to all trojans.
If you run a good AV, which you do, you should still have a good AT to run along side of it. None are free, but have free trials that will allow you to get the job done.

Check out
The Cleaner from Moosoft
Anti-Trojan 5.5 from Anti-Trojan.net
Tauscan from Agnitum

http://www.moosoft.com/download.php

http://www.anti-trojan.net/at.asp?l=en

http://www.agnitum.com/download/

JawZ · Post by **JawZ** » Sun Mar 03, 2002 12:44 pm

Originally posted by Martiangod
no no no, Trojans are supposed to prevent infection

hehehe that too

JawZ · Post by **JawZ** » Sun Mar 03, 2002 12:46 pm

Originally posted by blebs99
Anti-virus programs catch some, but not even close to all trojans.
If you run a good AV, which you do, you should still have a good AT to run along side of it. None are free, but have free trials that will allow you to get the job done.

Check out
The Cleaner from Moosoft
Anti-Trojan 5.5 from Anti-Trojan.net
Tauscan from Agnitum

http://www.moosoft.com/download.php

http://www.anti-trojan.net/at.asp?l=en

http://www.agnitum.com/download/

thanks Blebs...I try to save those trial versions for really big emergencies....I think I'm safe for the time being as I'm not having any problems with the computer. If things start to look hairy...I'll be sure to deploy the big guns!

syncmaster · Post by **syncmaster** » Sun Mar 03, 2002 12:47 pm

The only Antivirus that blocks infections from trojans in HTML pages is the Norton antivirus 2002 ...
My antivirus got alerted and block , more than 5 times , spesialy in warez sites ..

poptom · Post by **poptom** » Sun Mar 03, 2002 1:15 pm

Thanks for bringing Housecall to our attention. I just tried it and it found and removed JS_seeker before it ran the full scan.

Silver · Post by **Silver** » Sun Mar 03, 2002 2:31 pm

Running housescan right now...

whoo hoo, no viri. Guess that means I win.

BadEditor · Post by **BadEditor** » Sun Mar 03, 2002 2:41 pm

Wait Wait... You got the Trojan from installing Evrsoft's 1stPage2000? - crap i just installed that yesterday!!!!

Going to run 'House call' right now..... be back with results.

Croc · Post by **Croc** » Sun Mar 03, 2002 2:58 pm

You don't have to wait for a problem to occur before d/loading a trial version of a Trojan Scanner.

The link will give a list of free and not so free scanners. Try one of the free ones.

http://www.staff.uiuc.edu/~ehowes/soft5.htm

Good call again blebs. AV programs don't pick on all trojans. That's not their job.

Croc.

BadEditor · Post by **BadEditor** » Sun Mar 03, 2002 3:17 pm

Yep ... I Ran Housecall, and it too found the file in Question.

"It was located in the buttons folder under the name 6 buttons from Hell.isz"

-Off to find out more info on this-

Quick Link - http://vil.nai.com/vil/content/v_99220.htm

BadEditor · Post by **BadEditor** » Sun Mar 03, 2002 3:53 pm

From what i gather.... (just my thoughts) -it is a script file provided to create an Html file that will popup browser windows over and over in a loop until your system crashes and you have to reboot...

The file is Provided by 1stpage2000 program, so that the user can create a website/Html file that causes Someone Elses system to get caught in a loop...

I know that i've been to different forums (quake3world discussion) and someone says 'HAy cLicK 0n THiS aWs0mE LiNk' and when you click on it... BOOM you get browser windows popping up everywhere with gross pictures, etc.... = Thats what you use the script for, to create that = the reason the script set is called 'six buttons from hell'

I deleted the file anyhow. THANKS UDO for the Info!